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WHAT IS CLAIMED IS: 

1. A method for establishiiig a telephone call 
between a trusted Internet Protocol / (IP) telephone and an 
untrusted device, the method comprising: 

receiving a call initiation refquest from an untrusted 
device, the call initiation request indicating a desired 
communication with a trusted IP telephone; 

evaluating the call initiatd/on request; and 
establishing a telecommunication link between the 
untrusted device and the trusted IP telephone in response 
to a positive evaluation of the call initiation request, 
wherein establishing the telecommunication link comprises: 

associating a first /logical port of a telephony 
proxy with the trusted IP telephone; 

associating a seycond logical port of the 
telephony proxy with the untArusted device; 

receiving first telecommunication data from the 
untrusted device at the first logical port; 

modifying a first source address information in 
the first telecommunication data to specify the second 
logical port of the teleppony proxy; 

communicating A:he first telecommunication data 
with the modified first /source address information to the 
trusted IP telephone; / 

receiving second telecommunication data from the 
trusted IP telephone at the second logical port; 

modifying a /second source address information in 
the second telecommunication data to specify the first 
logical port of the nelephony proxy; and 

communicating the second telecommunication data 
with the modified second source address information to the 
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2 . A method for establishing/ a telephone call 
between a trusted Internet Protocol i/lV) telephone and an 
untrusted device, the method compris/ng: 

receiving a call initiation recjuest from an untrusted 
device, the call initiation request indicating a desired 
communication with a trusted IP telephones- 
evaluating the call initiat/on request; and 
establishing a telecommunication link between the 
untrusted device and the trussed IP telephone in response 
to a positive evaluation of the call initiation request. 

3. The method of Claim 2, wherein receiving a call 
initiation request from ythe untrusted device comprises 
intercepting a call initiation request at an entry point to 
a trusted network serviccing the trusted IP telephone, the 
call initiation request sent from outside the trusted 
network by the untrustzed device. 

4. The method of Claim 2, wherein evaluating the 
call initiation request comprises determining whether the 
trusted IP telephone is a proper recipient of a telephone 
call from an untrusted device. 

5. The /method of Claim 4, wherein determining 
whether the tzrusted IP telephone is a proper recipient of 
a telephone/ call from an untrusted device comprises 
determining/ whether a network address of the trusted IP 
telephone /is included in a list of approved network 
addresses / 
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6. The method of Claim 2, wherein evaluating the 
call initiation request comprises denermining whether a 
network address of the untrusted devyce is included in a 
list of approved network addresses. / 

7. The method of Claim 2, therein evaluating the 
call initiation request comprises /determining whether the 
untrusted device is requesting tWe establishment of media 
streaming with the trusted IP telephone. 

8. The method of Claim 2, wherein establishing a 
telecommunication link between the untrusted device and the 
trusted IP telephone /comprises establishing a 
telecommunication link using a telephony proxy, whereby all 
telecommunications between /the trusted IP telephone and the 
untrusted device are communicated through the telephony 
proxy , / 

9. The method / of Claim 8, further comprising 
monitoring the telecommunication link to determine whether 
the telecommunications being sent by the untrusted device 
use an appropriate audio format . 

10. The meuhod of Claim 8, further comprising 
monitoring the t^ecommunication link to determine whether 
the telecommunioations being sent by the untrusted device 
comprise media streaming. 
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:ion in the received 
icond logical port of 
the unt rusted device; 



11. The method of Claim 8, wherein ejfetablishihg a 
telecommunication link between the untrusted device and the 
trusted IP telephone using the telephony proxy comprises: 

associating a first logical port op the telephony 
5 proxy with the trusted IP telephones- 

receiving telecommunication data f/rom the untrusted 
device at the first logical port ; 

modifying source address ii 
telecommunication data to specify a 
10 the telephony proxy associated witl 

and 

communicating the telecommij^iicat ion data with the 
modified source address information to the trusted IP 
telephone . 

12. The method of Clad/n 11, wherein associating a 
first logical port of th/fe telephony proxy with the 
untrusted device comprises^ associating a User Datagram 
Protocol (UDP) logical poyt to enable the streaming of IP 

2 0 packets. 
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13. The method of Claim 12, wherein modifying the 
source address information in the received 
telecommunication datta comprises modifying a source IP 
address and a source/port in a header of each IP packet. 
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14. A communication network for establishing a 
telephone call between a trusted telephone and an untrusted 
device, the communication network comprising: 

a first trusted network; / 

a trusted .telephone coupled rto the first trusted 
network; / 

an authentication controller coupled to the first 
trusted network and operable to ervaluate a call initiation 
request received from an untrusted device external to the 
first trusted network, the/ call initiation request 
indicating a desired communication with the trusted 
t e 1 ephone ; and / 

a call manager operabl/e to initiate the creation of a 
telecommunication link between the trusted telephone and 
the untrusted device in response to a positive evaluation 
of the call initiation inquest. 

15. The communidation network of Claim 14, wherein 
the. call manager is/ further operable to initiate the 
creation of a telecommunication link between the trusted 
telephone and the untrusted device using a telephony proxy, 
whereby all telecommunications between the trusted 
telephone and the /intrusted device are communicated through 
the telephony proxy. 

16. The aommunication network of Claim 15, wherein 
the telephony proxy, the authentication controller, and the 
call manager /comprise software executed on one or more 
devices in tne first trusted network. 
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17. The communication network of yGlaim 14, wherein 
the authentication controller is a corrrtbonent of the call 
manager . 



18. The communication network pt Claim 14, wherein; 
the first trusted network Comprises an Internet 
Protocol (IP) network; and 

the trusted telephone compris^es an IP telephone. 



10 19. The communication 

the first trusted network 
coupled to the Internet . 



twork of Claim 14, wherein 
the untrusted device are 



20, The communi cat iory network of Claim 14, wherein: 
15 the first trusted ne/:work is coupled to the Public 

Switched Telephone Networfe (PSTN) using a gateway; and 
the untrusted devic^ is coupled to the PSTN. 



21. The communication network of Claim 14, further 
2 0 comprising: 

a second trusted/ network, the untrusted device coupled 
to the second trustQfd network; and 

an untrusted / network coupling the first trusted 
network to the secrond trusted network. 



25 
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22. The communication network of claim 14, wherein 
the authentication controller comprises a list of addresses 
of network devices permitted to receive telephone calls 
from untrusted devices, the authentication controller 
evaluating a call initiation request positively if the call 
initiation request indicates a desired communication with 
a network device having an address Ln the list of network 
addresses. / 

23. The communication network of Claim 14, wherein 
the authentication controller comprises a list of network 
addresses of untrusted devices permitted to communicate 
with the trusted telephone, tMe authentication controller 
evaluating a call initiation yequest positively if the call 
initiation request originates from an untrusted device 
having an address on the list of network addresses. 

24. The communication network of Claim 14, wherein 
the authentication controller is further operable to 
monitor the telecommunication link between the trusted 
telephone and the untrusted device to determine whether 
telecommunications being sent by the untrusted device use 
an appropriate audio format . 

25. The communacat ion network of Claim 14, wherein 
the authentication/ controller is further operable to 
monitor the telecommunication link between the trusted 
telephone and the/ untrusted device to determine whether 
telecommunications being sent by the untrusted device 
comprise media st/reaming. 
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26. Software embodied in a computerVreadable medium 
and operable to perform the following steps: 

receiving a call initiation requeslz: from an untrusted 
device, the call initiation request indicating a desired 
communication with a trusted Internet Protocol (IP) 
telephone ; / 

evaluating the call initiaticon request; and 
establishing a telecommunication link between the 
untrusted device and the trusted IP telephone in response 
to a positive evaluation of tile call initiation request. 

27. The software of /Claim 26, wherein receiving a 
call initiation request from the untrusted device comprises 
intercepting a call initiation request at an entry point to 
a trusted network servicing the trusted IP telephone , the 
call initiation request sent from outside the trusted 
network by the untrusted device. 

28. The software of Claim 26, wherein evaluating the 
call initiation r4quest comprises determining whether the 
trusted IP telephone is a proper recipient of a telephone 
call from an untrusted device. 

29. Thar software of Claim 28, wherein determining 
whether the /trusted IP telephone is a proper recipient of 
a telephone call from an untrusted device comprises 
determining whether a network address of the trusted IP 
telephone? is included in a list of approved network 
addresses , 
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30. The software of Claim 26, wherein evaluating the 
call initiation request comprises determining whether a 
network address of the untrusted devicef is included in a 
list of approved network addresses. / 

31. The software of Claim 26, whferein evaluating the 
call initiation request comprises determining whether the 
untrusted device is requesting the establishment of media 
streaming with the trusted IP telermone. 

32. The software of Claim ^6, wherein establishing a 
telecommunication link between mie untrusted device and the 
trusted IP telephone comprises establishing a 
telecommunication link using a telephony proxy, whereby all 
telecommunications between tne trusted IP telephone and the 
untrusted device are communicated through the telephony 
proxy. / 

33. The software of Claim 32, further operable to 
monitor the telecommunication link to determine whether the 
telecommunications being sent by the untrusted device use 
an appropriate audio format . 

34. The software of Claim 32, further operable to 
monitor the telecommunication link to determine whether the 
telecommunications being sent by the untrusted device 
comprise media streaming. 
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35. The software of Claim 32, yherein establishing a 
telecommunication link between the untrusted device and the 
trusted IP telephone using the telephony proxy comprises: 

associating a first logical/ port of the telephony 
proxy with the trusted IP telephone; 

receiving telecommunicatioiV data from the untrusted 
device at the first logical portt; 

modifying source address information in the received 
telecommunication data to specfify a second logical port of 
the telephony proxy associated with the untrusted device; 
and / 

communicating the telecommunication data with the 
modified source address Anformation to the trusted IP 
telephone . / 

36. The software of Claim 35, wherein associating a 
first logical port of the telephony proxy with the 
untrusted device comprises associating a User Datagram 
Protocol (UDP) logical port to enable the streaming of IP 
packets. / 

37. The software of Claim 36, wherein modifying the 
source address/ information in the received 
telecommunication data comprises modifying a source IP 
address and a source port in a header of each IP packet. 
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38. An apparatus for establi/shing a telephone call 
between a trusted Internet Protocol (IP) telephone and an 
untrusted device, the apparatus domprising : 

an authentication controller operable to evaluate a 
call initiation request receiveyd f rom an untrusted device 
external to a trusted network, /the call initiation request 
indicating a desired communication with a trusted IP 
telephone coupled to the trusteed network; 

a call manager operable/ to initiate the creation of a 
telecommunication link between the trusted IP telephone and 
the untrusted device in response to a positive evaluation 
of the call initiation request; and 

a telephony proxy, tflne telecommunication link between 
the trusted IP telephone and the untrusted device created 
using the telephony proKy such that all telecommunications 
between the trusted IR^ telephone and the untrusted device 
are communicated throngh the telephony proxy. 

39. The apparatus of Claim 38, wherein the 
authentication controller comprises a list of addresses of 
network devices pe/rmitted to receive telephone calls from 
untrusted devices/ the authentication controller evaluating 
a call initiation request positively if the call initiation 
request indicates a desired communication with a network 
device having an address in the list of network addresses. 
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40. The apparatus of Clairfi 38, wherein the 
authentication controller compriso/s a list of network 
addresses of untrusted devices pe^rmitted to communicate 
with the trusted IP telepho^ie, the authentication 
controller evaluating a call init^iation request positively 
if the call initiation request o/:iginates from an untrusted 
device having an address on th^ list of network addresses. 



10 41. The apparatus o/E Claim 38, wherein the 

authentication controller ys further operable to monitor 
the telecommunication link yoetween the trusted IP telephone 
and the untrusted dfevice to determine whether 
telecommunications being/ sent by the untrusted device use 
15 an appropriate audio format. 
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42. The apparaftus of Claim 38, wherein the 
authentication contiToller is further operable to monitor 
the telecommunication link between the trusted IP telephone 
and the untrugted device to determine whether 
telecommunicationfe being sent by the untrusted device 
comprise media ^reaming. 
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43. The apparatus of Claim 38, whe2?4in the telephony 
proxy comprises: / 

a first logical port associated: with the trusted IP 
t e 1 ephone ; / 

a second logical port associated with the untrusted 
device; / 

an address modification /module operable to modify 
source address information/ in telecommunication data 
received at the first log/cal port from the untrusted 
device to specify the second logical port of the telephony 
proxy; and / 

a transmission module operable to communicate the 
telecommunication data /with the modified source address 
information to the trusted IP telephone. 

44. The apparatyus of Claim 43, wherein the first and 
second logical poros are User Datagram Protocol (UDP) 
logical ports . / 

45. The appa^ratus of Claim 43, wherein the address 
modification moduAe is operable to modify a source IP 
address and port Information in a header of an IP packet. 



